Articles

Sharing our performance and security knowledge. A place where we record insights, research and thought leadership.

Full text logging search

How the WordPress Gets Hacked in 2022 - Initial Reconnaissance

This articles explains how the WordPress JSON API and XMLRPC can be used to attack WordPress website using Brute Force techniques.





Read More


Posted in Security_Research   WordPress     /   2022-07-27

WordPress PHP Backdoor to DDoS Attacks

Analysis of how a PHP Backdoor on a compromised WordPress site is being used to start DDoS Attacks





Read More


Posted in Security_Research   Malware_Analysis     /   2022-07-25

Protecting SSH on Web Servers

This article explains how to protect SSH on web servers using basic Tips but placing emphasis on IP whitelisting.





Read More


Posted in Server_Security   SSH     /   2022-07-20

Open-Source CMS’ and Software Bill of Material (SBOM) | NOC

Apache is a powerful web server and logging is a critical piece to managing a web server. In this article we explain the two log types: access and error, and how to work with them.





Read More


Posted in SBOM   Compliance   Security   Governance     /   2022-07-17

Responding to Security Incidents – Incident Response Plan Basics and Log4Shell

This articles provides a a basic framework that security teams can use to build an incident response plan.





Read More


Posted in Security   Governance   Program     /   2022-06-14

Log4Shell – Lessons Learned in 30 Days

This articles provides a PSA for the WordPress 5.8.3 security release.





Read More


Posted in Log4Shell   Vulnerability   PSA   WAF   Security     /   2022-06-14

NMAP – A Free Network Mapping Tool

This articles provides a PSA for the WordPress 5.8.3 security release.





Read More


Posted in Free   Security   Tools   NMAP     /   2022-06-13

WordPress 5.8.3 Security Release

This articles provides a PSA for the WordPress 5.8.3 security release.





Read More


Posted in PSA   WordPress   Security   WAF     /   2022-06-13

Cloud-based Web Application Firewalls (WAF) & The Log4J Vulnerability

This articles speaks to the effectiveness of WAF solutions in protecting against exploits targeting the Log4J vulnerability.





Read More


Posted in PSA   Log4J   Vulnerabilities   Security   WAF     /   2022-06-13

Does DNSSEC matter?

This articles dives into the world of DNSSEC and explores its value to today's domain security.





Read More


Posted in CDN   Product   Features     /   2022-06-13

Introducing DNSRepo

This articles introduces DNSRepo to the NOC.





Read More


Posted in CDN   Product   Features     /   2022-06-13

Introducing Support for WebSockets

This articles introduces WebSockets to the NOC CDN / WAF platform.





Read More


Posted in CDN   Product   Features     /   2022-06-13

Active Exploits against CVE-2021-41773 (Apache Web Server Exploit)

This articles speaks to exploits against CVE-2021-41773. A vulnerability effecting Apache Web Server.





Read More


Posted in Vulnerabilities   Apache   PSA   Security   WAF     /   2022-06-13

The Most Effective Security Control for Open Source Admin Panels Never Used

This articles explains why it is important to block administrative panels on platforms like WordPress.





Read More


Posted in WordPress   Joomla   Access   Security   WAF     /   2022-06-13

WooCommerce Patches Two SQLi Vulnerabilities

This articles talks about two SQLi vulnerabilities in WooCommerce, patched in 2021.





Read More


Posted in Vulnerabilities   PSA   Security   WAF     /   2022-06-13

Evolving the CDN / WAF Stack

This articles explains the NOC architecture, diving into the details to understand how it works.





Read More


Posted in NOC   Architecture   Product   Feature     /   2022-06-10

Securing WordPress in The Enterprise

This articles provides a guide on how to harden WordPress to keep hackers out of the website.





Read More


Posted in WordPress   Security   Enterprise     /   2022-06-10

How the JSON API and XMLRPC are used for Brute Force Attacks Against WordPress

This articles explains how the WordPress JSON API and XMLRPC can be used to attack WordPress website using Brute Force techniques.





Read More


Posted in Image   Optimization   CDN   Product   Feature     /   2022-06-10

Web Applications / Assets Led the Charge in Breaches in 2020 According to the Verizon DBIR

This articles dives into the 2021 Verizon DBIR and analyzes how Web Applications and their assets contributed to breaches





Read More


Posted in Image   Optimization   CDN   Product   Feature     /   2022-06-10

Optimized Origin with the NOC CDN

This articles explains how optimizing your origin has a positive impact on how your website performance for your users.





Read More


Posted in Image   Optimization   CDN   Product   Feature     /   2022-06-10

WordPress Forced Updates vs Auto-Updates and Abusing User Defined Intent

This articles talks about forcing updates in the WordPress platform, and provides opinions on how that effects user defined intent.





Read More


Posted in WordPress   Security     /   2022-06-10

Arbitrary File Vulnerabilities And Why They Matter to Your Website

This articles explains Arbitrary File Upload Vulnerabilities and why they matter to the security of your website.





Read More


Posted in WAF   Vulnerabilities   Security     /   2022-06-10

The Domain Name System (DNS)

DNS stands for Domain Name System (DNS), you might hear it used interchangeably with Domain Name Server (DNS).. This article explains DNS, and how it works





Read More


Posted in Networking   DNS   Educational   Security   Features     /   2022-06-10

Automated Attacks Against WordPress Target Old Vulnerabilities

This article shows how attacks against WordPress are mostly automated.





Read More


Posted in Research   Security   WAF   WordPress     /   2022-06-10

The Importance of Asset Monitoring

This article explains why it's important to monitor assets like servers, websites and domains.





Read More


Posted in Networking   Performance   Monitoring   Educational   Security   Features     /   2022-06-09

How to Improve the Largest Contentful Paint (LCP) – Web Core Vital Metrics

This article explains how CDN's can have a positive effect on the performance of a website.





Read More


Posted in Performance   CDN   LCP     /   2022-06-09

The Affects of a CDN on your Websites Performance and Users Experience (and Google)

This article explains how CDN's can have a positive effect on the performance of a website.





Read More


Posted in Networking   Performance   Educational   Security   Products   Features     /   2022-06-08

Registries, Registrars and DNS

This aricle explains the differences between Registries, Registrars and DNS services.





Read More


Posted in Networking   Registry   Registrar   DNS   Educational   Security     /   2022-06-08

Autodetecting Network Failures and Self-Healing To Ensure Optimal Availability

This article explains how automating the detection of downtime can be crucial to an organization and DevSecOps team.





Read More


Posted in Networking   Performance   Educational   Security   Products   Features     /   2022-06-08

Using cURL to test the Performance of a Website

This article explains how cURL can be used to measure the performance of a website.





Read More


Posted in cURL   Performance   Educational   Security     /   2022-06-08

Using cURL to Test the NOC CDN Performance against Fastly, Sucuri and CloudFlare

This article explains how cURL can be used to compare performance against different CDN providers (e.g., NOC vs Sucuri, NOC vs CloudFlare).





Read More


Posted in cURL   Performance   Educational   Security     /   2022-06-08

Improve Your Websites Speed and Security

14 days free trial. No credit card required. Get started